IT Security for Hybrid Working
Updated: Jan 26, 2022
We’re coming up to two years since Covid-19 forced a work-from-home revolution and hybrid working, the combination of remote and office-based working, looks set to continue in some capacity.
While there are obvious benefits, working from home does create cyber security risks for businesses, including targeted cybercrime.
Here are 9 easy things you can do to ensure high levels of IT Security are upheld when you and your staff are working remotely.
1. Use a Virtual Private Network (VPN)
First and foremost, businesses should create a Virtual Private Network (VPN) to secure your web browsing and remote network access.
VPN’s allow you to create a secure connection to networks over the internet by using encryption codes which scramble your data when it’s sent over a WIFI network, making the date unreadable.
2. Avoid public Wi-Fi
Public Wi-Fi 'hotspots' in places like cafés, hotels and libraries are convenient, but they can be risky.
Advise your staff to avoid sending or receiving valuable or sensitive information when connected to public Wi-Fi networks.
3. Enforce strong and secure passwords
Enforcing regular password changes, including minimum character lengths and special characters will improve your IT Security.
The Australian Cyber Security Centre (ACSC) recommends passphrases (example - red-towel-barking-dog-Summer-Days!) because they are hard for cybercriminals to crack, but easy for you to remember.
Create passphrases that are:
Long: The longer your passphrase, the better. Make it at least 14 characters in length.
Unpredictable: use a random mix of unrelated words. No famous phrases, quotes or lyrics.
Unique: Do not reuse passphrases on multiple accounts.
4. Implement multi-factor authentication
Multi-factor authentication is one of the most effective controls you can implement increase your protection from the most common types of cyber threats.
MFA requires a combination of something the user knows (pin, secret question), something they physically possess (card, token) or something they inherently possess (finger print, retina).
The multiple layers make it much harder for criminals to attack your business. Criminals might manage to steal one method of authentication e.g. PIN, but they still need to obtain and use the other proofs of identity. Two-factor authentication (2FA) is the most common type of MFA.
5. Use antivirus and internet security software
One of the most effective security tips for working from home is to invest in a comprehensive antivirus suite for you and your employees.
Antivirus suites take the hard work off your hands by offering automatic remote work security against a host of threats, including:
Zero-day attacks (viruses taking advantage of security flaws before they are patched)
Malware, spyware, and viruses
Trojans and worms
Phishing scams, including those sent via email
6. Invest in a sliding webcam cover
Working from home usually means taking part in teleconferences and video calls which require the use of your webcam. Unfortunately, savvy hackers can easily access your webcam without permission, compromising your privacy.
Sliding webcam covers are easy to find and easy to install.
7. Invest in IT Security training
Cybercriminals see a crisis as an opportunity and businesses transitioning to working from home arrangements can be an attractive target.
Digit IT can provide IT Security training for staff. Or, at a minimum, advise your staff to be more aware of scams and to exercise more caution when working remotely including:
Exercise critical thinking and vigilance when you receive phone calls, messages and emails.
Exercise caution in opening messages, attachments, or clicking on links from unknown senders.
Be wary of any requests for personal details, passwords or bank details, particularly if the message conveys a sense of urgency.
If in any doubt of the communicator's identity, delay any immediate action. Re-establish communication later using contact methods that you have sourced yourself.
8. Provide all employees with corporate devices
Providing employees with corporate devices enables the business to set up restrictions for websites, downloadable content and/or applications, adding another layer of security.
Furthermore, centralised software and antivirus updates can be rolled out remotely, meaning the business does not have to rely on the employee to update their device.
9. Invest in an IT Security Audit
Invest in a Digit IT IT Security Audit to determine the current state of your IT security and receive recommendations on how to rectify critical vulnerabilities.
Our comprehensive IT Audit will also highlight any vulnerabilities and weaknesses you have in your IT infrastructure allowing you time to proactively fix them before any cyber threats occur.
Get a Quote
Please contact Digit IT to discuss your IT Security needs on 07 4637 9033 or head to our IT Security webpage for more information.